AMENDMENTS TO THE CLAIMS 



1.-20. (Cancelled) 

21 . (Currently amended) A method of providing computer resource access rights 
to a process, comprising: 

providing a memory storing meta-data, the meta-data defining resource access 
rights of the process and initially having a null value in a field ; 

receiving a request from the process to authenticate a user; 

authenticating the user responsive to the request from the process; and 

responsive to a positive authentication of the user, altering the meta-data in the 

memory by substituting the null value in the field with an identification of 
the user, the substitution providing t o provide the process with a set of 
resource access rights defined for the process. 

22. -23. (Cancelled) 

24. (Previously presented) The method of claim 2 1 , wherein authenticating the 
user responsive to the request from the process comprises: 
providing the user with a first value; 

receiving a user identification and a second value from the process, the second 
value generated responsive to the first value and a password provided by 
the user; 

identifying a password associated with the received user identification; 
generating a third value from the first value and the password associated with the 

received user identification; and 
positively authenticating the user if the generated third value matches the received 

second value. 
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25. (Previously presented) The method of claim 24, wherein generating the third 
value from the first value and the password associated with the received user identification 
comprises: 

applying a hash function to the first value and the password associated with the 
received user identification. 



26. (Previously presented) The method of claim 21, 
wherein the memory stores a directory path; and 
further comprising: 

responsive to the positive authentication of the user, providing the process 
with resource access rights to one or more resources located in a 
directory within the directory path, the directory being designated 
by the altered meta-data. 



27. (Previously presented) The method of claim 2 1 , further comprising: 

storing data in the memory indicating that the process has made a request to 
authenticate the user. 



28. (Previously presented) The method of claim 27, further comprising: 

responsive to receiving a user identification from the user, verifying that the data 
in the memory indicates that the process has made a request to authenticate 
the user. 



29. (Currently amended) A system for providing computer resource access 
rights to a process, comprising: 

a memory for storing meta-data, the meta-data defining resource access rights of 

the process and initially having a null value in a field ; 
an interface module for receiving a request from the process to authenticate a user; 
a validation module for authenticating the user responsive to the request from the 
process; and 
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a security module for altering, responsive to a positive authentication of the user, 
the meta-data in the memory by substituting the null value in the field with 
an identification of the user, the substitution providing to provide the 
process with a set of resource access rights defined for the process. 



30.-31. (Cancelled) 



32. (Previously presented) The system of claim 29, wherein the validation 
module is adapted to: 

provide the user with a first value; 

receive a user identification and a second value from the process, the second value 
generated responsive to the first value and a password provided by the 
user; 

identify a password associated with the received user identification; 

generate a third value from the first value and the password associated with the 

received user identification; and 
positively authenticate the user if the generated third value matches the received 

second value. 



33. (Previously presented) The system of claim 32, wherein the validation 
module is adapted to generate the third value by: 

applying a hash function to the first value and the password associated with the 
received user identification. 



34. (Previously presented) The system of claim 29, 

wherein the memory is adapted to store a directory path; and 
wherein the security module is adapted to: 

provide, responsive to the positive authentication of the user, the process 
with resource access rights to one or more resources located in a 
directory within the directory path, the directory being designated 
by the altered meta-data. 
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35. (Previously presented) The system of claim 29, wherein the memory is 
adapted to: 

store data indicating that the process has made a request to authenticate the user. 

36. (Previously presented) The system of claim 35, wherein the validation 
module is adapted to: 

verify, responsive to receiving a user identification from the user, that the data in 
the memory indicates that the process has made a request to authenticate 
the user. 



37. (Currently amended) A computer program product having a computer- 
readable medium having embodied thereon program code for providing computer resource 
access rights to a process, the program code comprising: 

a memory module for storing meta-data, the meta-data defining resource access 

rights of the process and initially having a null value in a field ; 
an interface module for receiving a request from the process to authenticate a user; 
a validation module for authenticating the user responsive to the request from the 
process; and 

a security module for altering, responsive to a positive authentication of the user, 
the meta-data in the memory module by substituting the null value in the 
field with an identification of the user, the substitution providing to provide 
the process with a set of r esource access rights defined for the process. 



38.-39. (Cancelled) 



40. (Previously presented) The computer program product of claim 37, wherein 
the validation module is adapted to: 

provide the user with a first value; 
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receive a user identification and a second value from the process, the second value 
generated responsive to the first value and a password provided by the 
user; 

identify a password associated with the received user identification; 

generate a third value from the first value and the password associated with the 

received user identification; and 
positively authenticate the user if the generated third value matches the received 

second value. 



41 . (Previously presented) The computer program product of claim 40, wherein 
the validation module is adapted to generate the third value by: 

applying a hash function to the first value and the password associated with the 
received user identification. 



42. (Previously presented) The computer program product of claim 37, 
wherein the memory module is adapted to store a directory path; and 
wherein the security module is adapted to: 

provide, responsive to the positive authentication of the user, the process 
with resource access rights to one or more resources located in a 
directory within the directory path, the directory being designated 
by the altered meta-data. 

43. (Previously presented) The computer program product of claim 37, wherein 
the memory module is adapted to: 

store data indicating that the process has made a request to authenticate the user. 

44. (Previously presented) The computer program product of claim 43, wherein 
the validation module is adapted to: 
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verify, responsive to receiving a user identification from the user, that the data in 
the memory module indicates that the process has made a request to 
authenticate the user. 
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